52 matches found
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
Linux Distros Unpatched Vulnerability : CVE-2026-8949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-26162
Access of resource using incompatible type 'type confusion' in Windows OLE allows an authorized attacker to elevate privileges locally...
EUVD-2026-22483
Time-of-check time-of-use toctou race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally...
EUVD-2026-22351
Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally...
April 14, 2026—KB5082198 (OS Build 14393.9060)
April 14, 2026—KB5082198 OS Build 14393.9060 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...
Windows COM Server Information Disclosure Vulnerability
Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally...
PT-2026-32717
CVE-2026-20806 Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally. https://t.co/pPGYfQ4IPk...
PT-2026-32831
🪟 COM EoP CVE-2026-32162 again? When Microsoft’s “trust boundaries” are just vibes, every COM hop is a potential jailbreak. Triage fast: local users turning into admins is the usual horror sequel. https://t.co/nNowXseXJj ElevationOfPrivilege MicrosoftMsrc WindowsCom https://t.co/7B8CqiBKho...
CVE-2026-21240
Time-of-check time-of-use toctou race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
EUVD-2025-206729
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component...
PT-2026-5928
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component...
Net-SNMP snmptrapd crash
...
Microsoft Inbox COM Objects Code Execution Vulnerability
Microsoft Inbox COM Objects is a built-in COM component of the Windows operating system from the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Inbox COM Objects, which can be exploited by an attacker to execute arbitrary code on a system...
EUVD-2025-34317
Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally...